Skip to content

Commit

Permalink
Merge pull request #419 from openid/tl/c-nonce-expires-removal
Browse files Browse the repository at this point in the history
remove c_nonce_expires_in from nonce response
  • Loading branch information
tlodderstedt authored Dec 3, 2024
2 parents 83d13a7 + 34b839b commit a1a3db9
Showing 1 changed file with 3 additions and 4 deletions.
7 changes: 3 additions & 4 deletions openid-4-verifiable-credential-issuance-1_0.md
Original file line number Diff line number Diff line change
Expand Up @@ -774,8 +774,7 @@ Content-Length: 0

The Credential Issuer provides a nonce value in the HTTP response with a 2xx status code and the following parameters included as top-level members in the message body of the HTTP response using the application/json media type:

* `c_nonce`: REQUIRED. String containing a nonce to be used when creating a proof of possession of the key proof (see (#credential-request)).
* `c_nonce_expires_in`: OPTIONAL. Number denoting the lifetime in seconds of the `c_nonce`. This value serves only as a hint to the Client, indicating how long the Credential Issuer is likely to accept the `c_nonce` as valid.
* `c_nonce`: REQUIRED. String containing a nonce to be used when creating a proof of possession of the key proof (see (#credential-request)). This value MUST be unpredictable.

Due to the temporal and contextually sensitive nature of the `c_nonce` value, the Credential Issuer MUST make the response uncacheable by adding a `Cache-Control` header field including the value `no-store`.

Expand All @@ -787,8 +786,7 @@ Content-Type: application/json
Cache-Control: no-store
{
"c_nonce": "wKI4LT17ac15ES9bw8ac4",
"c_nonce_expires_in": 120
"c_nonce": "wKI4LT17ac15ES9bw8ac4"
}
```

Expand Down Expand Up @@ -2572,6 +2570,7 @@ The technology described in this specification was made available from contribut
* Fixed #239: Completed IANA Considerations section
* add key attestation as additional information in a proof of possesion and new proof type
* change credential format identifier `vc+sd-jwt` to `dc+sd-jwt` to align with the media type in draft -06 of [@I-D.ietf-oauth-sd-jwt-vc] and update `typ` accordingly in examples
* removes `c_nonce_expires_in` from Nonce Endpoint

-14

Expand Down

0 comments on commit a1a3db9

Please sign in to comment.